<?php

namespace App\Middlewares;

use \Psr\Http\Message\ServerRequestInterface as Request;
use \Psr\Http\Message\ResponseInterface as Response;
use App\Models\UserModel;

/**
 * 身份认证中间件
 */

class RoleMiddleware extends BaseMiddleware {

	public function __invoke(Request $request, Response $response, $next) {
		$urlpath = $request -> getUri() -> getPath();
		$user = new UserModel();
		$ret = $user -> getUserRolePower($_SESSION["UserName"], $urlpath);

		//验证是否具备访问权限
		if ($ret == 0) {
			//$response = $response -> getBody() -> write("<h1>没有权限访问该资源</h1>");
			return $response -> withRedirect($this -> container -> router -> pathFor('Error'));
		} else {
			$response = $next($request, $response);
		}
		return $response;
	}

}
